
Deploying Windows Firewall Settings for Windows XP SP2

Daniel Fleshbourne   on 07 May 2004 - 09:24 · 12 comments & 1472 views

Windows XP Service Pack 2 (SP2), currently a Release Candidate in Beta testing, includes significant enhancements to the Windows Firewall component, previously known as the Internet Connection Firewall (ICF). Windows Firewall is a stateful host-based firewall that discards unsolicited incoming traffic, providing a level of protection for computers against malicious users or programs. To provide better protection for computers connected to any kind of network (such as the Internet, a home network, or an organization network), Windows XP SP2 enables Windows Firewall on all network connections by default. This new behavior can impair some types of communications. This article describes how to deploy the appropriate configuration settings for Windows Firewall on an organization network so that it is enabled and providing protection, and so that communications are not impaired.

Download: Deploying Windows Firewall Settings for Microsoft® Windows® XP with Service Pack 2
View: Manually Configuring Windows Firewall in Windows XP Service Pack 2
View: Windows XP Service Pack 2: Resources for IT Professionals


"Getting wider buy-in for the project wasn't just about ROI, it was about fitting in with the values we seek to embody as an HR consultancy. Having said that we've seen a 10% increase in billable hours with our consultants, as they have been able to utilise that dead time that traditionally existed when travelling."


Nigel said that the technology had personally benefited him recently. He explained: "I flew from London to Manchester and spent an hour catching up on all of my correspondence. This meant that when I arrived at the meeting I was up to speed with all the developments. We're now developing profiling tools that will see staff issued with Windows Mobile-based devices or laptops depending on how they work."


Comments · There are 12 additional comments
(3 replies) #1 Varsity on 07 May 2004 - 09:29
MS are never going to beat retail firewalls, but at least this makes Mikey Mouse users a little more secure. They are the major weak point in the security chain, after all.
#1.1 Varsity on 07 May 2004 - 10:08
Of course, this is assuming they can work out how to patch.
#1.2 Jason on 07 May 2004 - 10:13
You have obviously never used ISA server or tried the new ISA 2004 beta, it's probably the best software firewall going.

Not for home users obviously but they have beaten other retail firewalls.
#1.3 Varsity on 07 May 2004 - 10:34
That's not the one in the Service Pack though, that's IPF.
#2 Dayon on 07 May 2004 - 09:46
A home user with this firewall is better than one without.
(4 replies) #3 yayo on 07 May 2004 - 12:07
How much of an improvement is 'windows firewall' ?
#3.1 Varsity on 07 May 2004 - 12:21
Over what? Nothing?
#3.2 mcraigw on 07 May 2004 - 12:43

The SP2 Windows Firewall is a big improvement over the earlier versions of it. The older versions could only be turned on or off, everything or nothing. This version allows you more advanced options so you can, for instance, allow specific ports if you wish.
#3.3 Kracal on 07 May 2004 - 13:10
Stfu with your crap. SP2 Firewall has improved a lot.
#3.4 Yolly Zubrick on 08 May 2004 - 17:16
FYI, the original ICF from the original XP and SP1 can be configured to open specific ports too. So it's not an all-or-none thing as you described it. In SP2 they just made it a little easier for users to do this.
(1 reply) #4 Smeg on 07 May 2004 - 13:51
Does anyone have any information whether Windows Firewall will be included in Windows Server 2003 SP1? (I know that Routing and Remote Access should be done instead of 'ICS' and IPSec instead of 'ICF' but I just haven't worked out how to yet, and it's much easier with these components)
#4.1 mram on 08 May 2004 - 00:35
I believe I remember reading that it will be included with SP1 of WS2003 as well as a few more resources to compare what services you are running vs what ports are open. For example, if your server is an email server, it should have an app to intelligently lock down all ports but the email server functions.
